Get yourself a crypto tee or surprise a crypto enthusiast in your life with our festive Coin Bureau Merch!
3 min read

$615 Million Axie Hack Linked to North Korea By US Authorities

By News Desk

The recent hack of Axie Infinity sidechain Ronin, thought to be the biggest crypto hack in history, has been linked to North Korea, according to US authorities.

The Office of Foreign Assets Control (OFAC) recently announced it was adding an Ethereum address to Lazarus Group’s SDN entry as an identifier.

Lazarus Group is one of the most notorious hacking groups in history, which is believed to be run by the government of North Korea.

According to blockchain tracking firm Chainalysis, the address that the OFAC linked was the same address that received 173,000 ETH after the Ronin hack.

Image

Chainalysis

“The attribution of the Ronin hack to Lazarus Group underlines two industry needs Chainalysis has highlighted previously: Understanding of how DPRK-affiliated threat actors exploit crypto, and better security for DeFi protocols,” Chainalysis said, adding “The newly designated ETH address has now been labelled in the Sanctions category in all Chainalysis products.”

Ronin said the hack, which happened last month, occurred when an attacker managed to take control over the private keys for its validator nodes and the nodes for the Axie Infinity Decentralized Autonomous Organization (DAO).

The hacker then used the keys to make fake withdrawals which weren’t noticed until a user reported not being able to withdraw 5,000 ETH from the platform’s bridge.

According to the post mortem report, the attacker found a weakness stemming from November of last year when Sky Mavis, the company behind Axie Infinity, requested help from the Axie DAO to distribute free transactions due to an overload of users.

Sky Mavis was only supposed to be able to sign transactions on the DAO’s behalf temporarily, but allowlist access was not properly revoked. This meant the attacker was able to use Sky Mavis as a backdoor to access The Ronin bridge and Katana Dex.

In its latest report, Chainalysis says that hackers are stealing more from decentralized finance (DeFi) platforms than ever before.

“In the past, cryptocurrency hacks were largely the result of security breaches in which hackers gained access to victims’ private keys—the crypto-equivalent of pickpocketing. Ronin Network’s March 2022 breach, which enabled the theft of $615 million in cryptocurrency, has proven the continued effectiveness of this technique.”

Before the Ronin attack, the biggest DeFi hack on record was last year when a bad actor exploited the Poly Network for $613 million. In the case of Poly Network though, the funds were eventually returned for a “small” white-hat reward of $500,000.

Newsletter Inline

Disclaimer: These are the writer’s opinions and should not be considered investment advice. Readers should do their own research.

Related Posts

FTX Exchange
Withdrawals not Halted at FTX: Instead Binance will Buy FTX
FTX Exchange

Withdrawals not Halted at FTX: Instead Binance will Buy FTX

November 9th, 2022 3 min read
OKX invests in WAX
OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX
OKX invests in WAX

OKX Blockdream Ventures Invests Millions in GameFi and NFT Development on WAX

June 3, 2022 2 min read
Binance partners with the weekend
Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour
Binance partners with the weekend

Binance Partners with The Weekend to Provide First-Ever Web 3 Enhanced World Tour

June 3, 2022 2 min read
21Shares Releases Sixth State of Crypto Report
21Shares Releases Sixth State of Crypto Report: Summary
21Shares Releases Sixth State of Crypto Report

21Shares Releases Sixth State of Crypto Report: Summary

June 2, 2022 3 min read
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand
Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

Algorand and MakerX Commit 1M Algo to Migrate Terra Users to Algorand

June 2, 2022 2 min read
Regulators are “Not Allowing” Banks to Engage with Crypto
Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto
Regulators are “Not Allowing” Banks to Engage with Crypto

Bank of America CEO: Regulators are “Not Allowing” Banks to Engage with Crypto

June 1, 2022 2 min read
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution
US Conference of Mayors Introduces Blockchain Resolution

US Conference of Mayors Introduces Blockchain Resolution

June 1, 2022 2 min read